Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5f4a66bb-3bbf-4f2d-81a1-89005f1bb7bd.roa
File: 5f4a66bb-3bbf-4f2d-81a1-89005f1bb7bd.roa (raw, json)
Hash identifier: 3cSP3qPYqjxGCbCOGxgB24fcvx7nUwTJAaImzL6z4+I=
Subject key identifier: 31:F4:E4:D2:05:63:23:32:0A:AE:43:E3:1C:16:20:75:0E:DA:8B:AE
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7DB3E44D6921429D3013C6B9CDC037B6163C9A90
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5f4a66bb-3bbf-4f2d-81a1-89005f1bb7bd.roa
Signing time: Fri 08 Sep 2023 00:00:00 +0000
ROA not before: Fri 08 Sep 2023 00:00:00 +0000
ROA not after: Fri 13 Oct 2023 23:59:59 +0000
asID: 16509
IP address blocks: 2a01:578:1020::/43 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Sep 2023 08:03:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:b3:e4:4d:69:21:42:9d:30:13:c6:b9:cd:c0:37:b6:16:3c:9a:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 8 00:00:00 2023 GMT
Not After : Oct 13 23:59:59 2023 GMT
Subject: serialNumber=fb3b73f228e0affe5901b2811a623ae6464110ee5adc54d8594d1650cd8c4808, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:85:8a:58:63:8e:b3:75:63:f9:05:69:dd:fa:
4b:e1:f5:3a:04:94:f4:32:47:23:95:7b:96:ef:14:
58:29:91:17:25:5e:bf:79:38:5d:50:55:96:3c:a0:
7a:7d:09:21:f0:41:93:c5:1f:61:97:cb:5c:b8:75:
b8:01:c9:b8:d9:4c:9a:c3:31:f4:9e:e9:3f:40:92:
d8:e7:b2:d6:61:62:73:26:d2:1b:28:6e:e4:f1:6d:
bf:27:c6:d5:31:ea:5f:88:c9:77:d0:a4:3b:06:0b:
db:0d:ad:fa:38:92:b5:47:ed:de:1f:42:c5:06:e1:
91:cd:7c:f2:50:bc:21:0c:b7:0e:36:4c:08:13:d7:
34:1f:0e:fa:61:23:46:60:cb:07:54:8d:82:51:4e:
b6:3f:44:87:45:5f:46:00:06:2c:49:63:27:13:01:
df:40:1c:31:18:56:7b:c9:5c:72:e0:87:90:13:04:
88:e7:37:db:8c:2e:8e:bb:92:6e:86:d9:16:00:a2:
12:6b:c1:29:9e:88:e3:ad:4b:60:70:bd:a3:58:93:
1b:c4:b8:a7:95:44:6d:2f:0a:63:58:b7:6f:83:fb:
79:fa:b4:60:7f:fd:8d:8a:79:fa:d7:58:a6:d1:93:
93:19:fc:10:1b:c3:ad:5e:5a:71:4e:ea:2d:08:95:
a0:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:F4:E4:D2:05:63:23:32:0A:AE:43:E3:1C:16:20:75:0E:DA:8B:AE
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5f4a66bb-3bbf-4f2d-81a1-89005f1bb7bd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:578:1020::/43
Signature Algorithm: sha256WithRSAEncryption
ca:e8:0d:41:d4:c2:a6:b5:e0:50:b1:7f:63:d7:14:57:77:37:
eb:36:ab:59:27:f1:56:fd:4f:fb:61:71:d9:75:e6:f3:d6:6e:
d3:ea:e5:32:69:49:a7:90:e1:0a:b8:b0:43:36:bb:cf:09:57:
fb:7e:36:e4:74:ac:f2:74:dc:37:41:fa:83:8d:dd:07:02:6a:
cd:c8:ed:d3:14:f0:c8:8e:d5:e4:18:d3:5d:d5:85:da:9a:d5:
e4:0d:80:ae:0d:81:69:a6:c2:67:04:49:99:e1:da:de:6e:c8:
dc:38:77:b6:e9:16:31:da:23:68:10:17:77:76:9e:b5:aa:0c:
ab:c4:6f:57:17:c6:fb:5c:19:7e:71:38:c6:c2:9f:a1:b3:22:
69:b6:40:ae:4e:6e:c3:c1:34:db:ef:7e:b3:38:0f:b2:9d:06:
d3:90:3b:4d:ec:0a:de:75:69:b4:a8:04:16:f4:41:35:71:68:
67:b7:25:67:94:d3:96:26:78:d4:8f:a9:40:5d:b1:a3:ff:ba:
d4:08:c5:8d:c7:5c:88:a9:65:c7:a9:ba:d3:92:a0:a3:bc:14:
47:b9:a5:2f:8d:ef:24:4d:b1:f8:ba:b0:ee:1d:f0:e6:49:02:
03:44:5b:4c:d1:a8:0e:28:eb:6d:75:a6:da:e8:1a:7e:d3:59:
94:46:f1:12
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUfbPkTWkhQp0wE8a5zcA3thY8mpAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yMzA5MDgwMDAwMDBaFw0yMzEwMTMyMzU5NTlaMHoxSTBHBgNV
BAUTQGZiM2I3M2YyMjhlMGFmZmU1OTAxYjI4MTFhNjIzYWU2NDY0MTEwZWU1YWRj
NTRkODU5NGQxNjUwY2Q4YzQ4MDgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALeFilhjjrN1Y/kFad36S+H1OgSU9DJHI5V7lu8UWCmRFyVev3k4XVBVljyg
en0JIfBBk8UfYZfLXLh1uAHJuNlMmsMx9J7pP0CS2Oey1mFicybSGyhu5PFtvyfG
1THqX4jJd9CkOwYL2w2t+jiStUft3h9CxQbhkc188lC8IQy3DjZMCBPXNB8O+mEj
RmDLB1SNglFOtj9Eh0VfRgAGLEljJxMB30AcMRhWe8lccuCHkBMEiOc324wujruS
bobZFgCiEmvBKZ6I461LYHC9o1iTG8S4p5VEbS8KY1i3b4P7efq0YH/9jYp5+tdY
ptGTkxn8EBvDrV5acU7qLQiVoFsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQx9OTS
BWMjMgquQ+McFiB1DtqLrjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NWY0YTY2YmItM2JiZi00ZjJkLTgxYTEtODkwMDVmMWJiN2JkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBSoBBXgQ
IDANBgkqhkiG9w0BAQsFAAOCAQEAyugNQdTCprXgULF/Y9cUV3c36zarWSfxVv1P
+2Fx2XXm89Zu0+rlMmlJp5DhCriwQza7zwlX+3425HSs8nTcN0H6g43dBwJqzcjt
0xTwyI7V5BjTXdWF2prV5A2Arg2BaabCZwRJmeHa3m7I3Dh3tukWMdojaBAXd3ae
taoMq8RvVxfG+1wZfnE4xsKfobMiabZArk5uw8E02+9+szgPsp0G05A7TewK3nVp
tKgEFvRBNXFoZ7clZ5TTliZ41I+pQF2xo/+61AjFjcdciKllx6m605Kgo7wUR7ml
L43vJE2x+Lqw7h3w5kkCA0RbTNGoDijrbXWm2ugaftNZlEbxEg==
-----END CERTIFICATE-----
Generated at Fri Sep 8 15:41:27 2023 by rpki-client on console-ams.rpki-client.org